Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Silver

WLC configuration topology

I have CISCO 2911 with SRE module for Wireless Lan controller software. also between my local network and CISCO router is a firewall, CISCO router is an edge router so router and my Lan are in different subnets. i want Wlan and Lan to be in a same subnet is it possible? In other words, can WLC and Access points be in different subnets? the case is that wireless devices should be behind the firewall.

---

Posted by WebUser Nika Pitskhelauri from Cisco Support Community App

5 REPLIES
Hall of Fame Super Silver

Re: WLC configuration topology

Yes you can have the wlc and APs on a different subnet. You need to make sure you have udp 5245 & 5247 (capwap) or udp 12222 & 12223 (lwapp) allowed between the wlc and the APs.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

WLC configuration topology

You can use wireless LAN to be on same VLAN as wired one. You can also use the APs on different VLAN.

If there is a firewall between the APs and the WLAN then jsut like Scott mentioned you need to make sure specific ports are allowd.

Here is a wireless ports doc that shows you what ports need to be opened to/from the APs:

http://tiny.cc/89xakw

HTH

Amjad

You want to say "Thank you"?
Don't. Just rate the useful answers,
that is more useful than "Thank you".

Rating useful replies is more useful than saying "Thank you"
Bronze

Re: WLC configuration topology

Yes the WLC and ap can be in different subnet. But how can the WLAN and LAN in the same subnet in this case? As the WLC is integrated with the router, the wlan's L3 will be terminated on the router. The LAN and router are in different subnets and there is a firewall in the middle. I can't think of how we can make them in the same subnet.

Sent from Cisco Technical Support iPad App

Re: WLC configuration topology

You have to use bridge groups to accomplish this.  You configure a bridge-group under the sub-interface, then the same under the interface that connects to the lan.

as an example

bridge-group 10 protocol ieee

bridge-group 10 route IP.

interface gig0/0.10

ip address 10.10.10.1 255.255.255.0

bridge-group 10

interface SRE1/0.10

bridge-group 10

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Bronze

Re: WLC configuration topology

As i understand, the router does not have a interface connects to LAN. There is a firewall between the router and the LAN. Will this solution still work across the firewall? How can you make the L2 cross the firewall? I assume the firewall is not running in L2 mode.

Sent from Cisco Technical Support iPad App

515
Views
0
Helpful
5
Replies